Cyber attacks drive demand for network security staff

The increase in cyber attacks has driven a growth in demand for network security staff, according to a report into the information security jobs market.

In light of attacks by Anonymous and Lulzsec on major organisations like Amazon, MasterCard and the Sony Playstation Network, the 2011 Interim Market Report from recruitment agency Barclay Simpson found that companies are now strengthening their network security infrastructure.

"There is an increase in demand for firewall experts with qualifications in Juniper and Checkpoint and for security practitioners with experience of configuring IDS/IPS (Intrusion Detection System or Intrusion Prevention System).

"As the year progresses those who have specialised in network security will be more highly sought-after, which will increase rates for permanent and contract candidates alike," the report said.

The study follows recent research from Lancaster University, which found that network and security experts from academia, industry and government were most worried about the misuse of data and malicious traffic attacks on the network, than physical attacks on the infrastructure.

Moreover, the Barclay Simpson report found that the information security jobs market is currently experiencing pre-recession supply and demand patterns.

Demand for IT security professionals in 2010 was driven mainly by retail banking, but this year, a wider range of end user companies, such as telecoms, utilities and insurance, are now recruiting IT security staff.

In particular, due to new PCI regulations, companies have been employing PCI-DSS (Data Security Standard) specialists to avoid using consultancies. Barclay Simpson believes that while most of the demand has been for single recruits focusing on PCI-DSS work, this demand will grow as larger teams are formed.

Another skill that is becoming more in demand is the ability to cross between information security and IT risk management skills.

"In the banking sector, the line between security and risk management is becoming increasingly blurred," the report said.Salaries

In terms of pay, the average salary increase that information security workers moving jobs during the first half of the year had increased from 11 percent in the last six months of 2010 to 13 percent.

This is the highest increase for two years (in June 2009 it was just four percent), but the report said that the higher salaries often offset the loss of benefits such as company cars and bonuses in the financial services sector.

Furthermore, IT professionals who stay in the same jobs only see annual salary increases that match inflation at best.

Unsurprisingly, salary increases continue to be highest in the financial services sector, followed by commerce and then by system integrators and consultancies.

The highest-paid permanent IT security role is a senior account manager specialising in cloud or security services within the cloud, who is responsible for between seven and 10 SME accounts. In London, a professional in this role could earn up to £160,000, or up to £150,000 in the rest of the UK.

This is followed by the enterprise business development consultant, who is responsible for new business lead generation and sales in a security consultancy. Salaries for this role range from up to £110,000 for the rest of the UK to up to £140,000 in London.

At the other end of the scale, an entry-level role of business continuity analyst working for a large financial services firm earns up to £44,000 in London and up to £41,000 in the rest of the UK.

Contractors, meanwhile, can earn the most - between £500 and £650 a day in London - as technology risk consultants, closely followed by information security consultants and CLAS consultants at between £500 and £600 per day. In the rest of the UK, all three roles see a drop to between £400 to £500 a day.